Bug
Prefilling of different credentials in different stores on same domain
Issue description
When accessing different stores under one domain with the same user name, passwords get mixed up.
Workaround
Use a password manager like lastpass or 1password.
Developer comments
Most passwords manager seem to suggest the same username/password combination for one domain independent of the path. I confirmed this in Chromium under Ubuntu, Chrome under Windows 10 and Edge under Windows 10. All had the same problem that they assume that a user name is unique per domain.
While i initially believed that something is wrong with the fairly new login form, i had to drop that assumption. Now I think, that making the parts of the form markup unique to the store will not resolve the issue.
Investigating the issue on Ubuntu further, it surfaced that Chromium is not using their own SQLite based password store in the directory of the user profile. The table login data is always empty. It uses the OS password manager. In this case: seahorse. Seahorse allows to inspect all information stored and for every password there is the field %signon_realm%. For basic authentication this differs from store to store, but for the form based authenicated stores it is the same. This probably causes the confusion.
Rejection comment
This is a browser issues.
|
Work sessions2
Start |
2016-02-01T14:57:54
|
End |
2016-02-01T16:05:30
|
Participant |
Robert Cerny
|
Start |
2016-02-02T09:50:24
|
End |
2016-02-02T11:24:02
|
Participant |
Robert Cerny
|
|
We are sorry
This page cannot be displayed in your browser. Use Firefox, Opera, Safari, or Chrome instead.